What is Grey Box Testing? Techniques, Example

Grey Box Testing

Grey Box Testing or Gray box testing is a software testing technique to test a software product or application with partial knowledge of internal structure of the application. The purpose of grey box testing is to search and identify the defects due to improper code structure or improper use of applications.

In this process, context-specific errors that are related to web systems are commonly identified. It increases the testing coverage by concentrating on all of the layers of any complex system.

Gray Box Testing is a software testing method, which is a combination of both White Box Testing and Black Box Testing method.

  • In White Box testing internal structure (code) is known
  • In Black Box testing internal structure (code) is unknown
  • In Grey Box Testing internal structure (code) is partially known

Grey Box Testing

In Software Engineering, Gray Box Testing gives the ability to test both sides of an application, presentation layer as well as the code part. It is primarily useful in Integration Testing and Penetration Testing.

Example of Gray Box Testing: While testing websites feature like links or orphan links, if tester encounters any problem with these links, then he can make the changes straightaway in HTML code and can check in real time.

Why Gray Box Testing

Gray Box Testing is performed for the following reason,

  • It provides combined benefits of both black box testing and white box testing both
  • It combines the input of developers as well as testers and improves overall product quality
  • It reduces the overhead of long process of testing functional and non-functional types
  • It gives enough free time for a developer to fix defects
  • Testing is done from the user point of view rather than a designer point of view

Gray Box Testing Strategy

To perform Gray box testing, it is not necessary that the tester has the access to the source code. A test is designed based on the knowledge of algorithm, architectures, internal states, or other high -level descriptions of the program behavior.

To perform Gray box Testing-

  • It applies a straightforward technique of black box testing
  • It is based on requirement test case generation, as such, it presets all the conditions before the program is tested by assertion method.
Techniques used for Grey box Testing are-
  • Matrix Testing: This testing technique involves defining all the variables that exist in their programs.
  • Regression Testing: To check whether the change in the previous version has regressed other aspects of the program in the new version. It will be done by testing strategies like retest all, retest risky use cases, retest within a firewall.
  • Orthogonal Array Testing or OAT: It provides maximum code coverage with minimum test cases.
  • Pattern Testing: This testing is performed on the historical data of the previous system defects. Unlike black box testing, gray box testing digs within the code and determines why the failure happened

Usually, Grey box methodology uses automated software testing tools to conduct the testing. Stubs and module drivers are created to relieve tester to manually generate the code.

Steps to perform Grey box Testing are:
  • Step 1: Identify inputs
  • Step 2: Identify the outputs
  • Step 3: Identify the major paths
  • Step 4: Identify Subfunctions
  • Step 5: Develop inputs for Subfunctions
  • Step 6: Develop outputs for Subfunctions
  • Step 7: Execute test case for Subfunctions
  • Step 8: Verify the correct result for Subfunctions
  • Step 9: Repeat steps 4 & 8 for other Subfunctions
  • Step 10: Repeat steps 7 & 8 for other Subfunctions

The test cases for grey box testing may include, GUI related, Security related, Database related, Browser related, Operational system related, etc.

Gray Box Testing Challenges

  • When a component under test encounter a failure of some kind may lead to abortion of the ongoing operation
  • When test executes in full but the content of the result is incorrect.


  • The overall cost of system defects can be reduced and prevented from passing further with Grey box testing
  • Grey box testing is suited more for GUI, Functional Testing, security assessment, web applications, web-services, etc.
  • Techniques used for Grey box Testing